CNNVD-202508-169 Information
CNNVD ID
CNNVD-202508-169
Related CVE
- CNNVD Published: 2025-08-03
Description (Chinese)
XWiki Contrib Mocca Calendar Application是XWiki Contrib开源的一个XWiki插件。 XWiki Contrib Mocca Calendar Application 2.15之前版本存在跨站脚本漏洞,该漏洞源于日历导入标题存在跨站脚本。
Description (English)
XWiki Contrib Mocca Calendar Application is an XWiki plugin for XWiki Contrib open source. XWiki Contrib Mocca Calendar Application 2.15 contains a cross-stop script loophole, which stems from the existence of a cross-stop script in the calendar import title.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
XWiki Contrib
Published
2025-08-03
Last Modified
2026-02-24
References
https://github.com/xwikisas/application-mocca-calendar/security/advisories/GHSA-mc3x-h7p6-334p https://github.com/xwiki-contrib/application-mocca-calendar https://extensions.xwiki.org/xwiki/bin/view/Extension/MoccaCalendar https://access.redhat.com/security/cve/cve-2025-52133
Patch
https://github.com/xwikisas/application-mocca-calendar/tags
Share on: